/*
 * Copyright 2007-2008 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Sun designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Sun in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */

package jsr203.nio.file.attribute;

import java.security.Principal;

/**
 * A {@code Principal} representing an identity used to determine access rights
 * to objects in a file system.
 *
 * <p> On many platforms and file systems an entity requires appropriate access
 * rights or permissions in order to access objects in a file system. The
 * access rights are generally performed by checking the identity of the entity.
 * For example, on implementations that use Access Control Lists (ACLs) to
 * enforce privilege separation then a file in the file system may have an
 * associated ACL that determine the access rights of identities specified in the
 * ACL.
 *
 * <p> A {@code UserPrincipal} object is an abstract representation of an
 * identity. It has a {@link #getName() name} that is typically the username or
 * account name that it represents. User principal objects are created by {@link
 * FileAttributeView} implementations that provide access to identity related
 * attributes. For example, the {@link PosixFileAttributeView} provides
 * access to a file's {@link PosixFileAttributes#owner owner} and {@link
 * PosixFileAttributes#group group-owner} on platforms and file systems that
 * support these attributes.
 *
 * <p> A {@code UserPrincipal} may represent a single identity or a
 * <em>group</em> identity. The exact definition of group is implementation
 * specific but typically it represents an identity created for administrative
 * purposes so as to determine the access rights for the members of the group.
 * Whether an entity can be a member of multiple groups, and whether
 * groups can be nested, is implementation specific.
 *
 * @since 1.7
 *
 * @see UserPrincipalLookupService
 */

public interface UserPrincipal
    extends Principal
{
    /**
     * Tells whether this user principal represents a group.
     *
     * @return  {@code true} if this this user principal represents a group
     */
    boolean isGroup();
}
